Worklet: Enable Firewall on macOS


ZachF-Automox

Originally introduced in Mac OS X Leopard (10.5.1), the built-in macOS Firewall limits incoming connections on a per-application basis (as opposed to a per-port basis). The firewall is disabled by default; this worklet enables it.

Evaluation:

#!/bin/bash

# helper function to check if a command exists
function command_exists {
    type "$1" &> /dev/null
}

# only evaluate if the socketfilterfw command is available
if command_exists /usr/libexec/ApplicationFirewall/socketfilterfw; then
    # check if the firewall is enabled
    /usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate | grep -q 'enabled'

    # yes? no?
    exit $?
fi

# socketfilterfw command is not available, move along
exit 0

Remediation:

#!/bin/bash

# turn the firewall on
/usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on

# how did we do?
exit $?